General
-
Target
b7ab91889289babcced64e9acb2394a0N
-
Size
4.8MB
-
Sample
240913-12nvvssdlh
-
MD5
b7ab91889289babcced64e9acb2394a0
-
SHA1
74e4096979036cc9bae821746966bcea0a666f2a
-
SHA256
2d209a6330260b7b7e55ccce687dd89f934efb3c892e4153eb74102d0faaced2
-
SHA512
dcdb58503b7bced0f025430cc010c51604216bf0867370111d4e3cbfacd95e0e87219649742fcea45f3ce475d91c34d438b2d9ee6d49ffcbfd4457699a70bb79
-
SSDEEP
98304:z9/9FHn51DY7VLm2/QvMMFJ7wbz9VtUl9rv:z9fHn6X/QBFUV8r
Static task
static1
Behavioral task
behavioral1
Sample
b7ab91889289babcced64e9acb2394a0N.exe
Resource
win7-20240903-en
Malware Config
Targets
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
AgentTesla payload
-
Looks for VirtualBox Guest Additions in registry
-
Looks for VMWare Tools registry key
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-